From c390580b18db9ef4d46395a93a8bafab438c7f8c Mon Sep 17 00:00:00 2001 From: Amos Jeffries Date: Mon, 11 Aug 2014 10:39:56 -0700 Subject: [PATCH] Docs: audit updates --- src/cf.data.pre | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/cf.data.pre b/src/cf.data.pre index 53e0140e37..8f5888db33 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -1155,7 +1155,7 @@ NAME: proxy_protocol_access TYPE: acl_access LOC: Config.accessList.proxyProtocol DEFAULT: none -DEFAULT_DOC: all TCP connections will be denied +DEFAULT_DOC: all TCP connections to ports with require-proxy-header will be denied DOC_START Determine which client proxies can be trusted to provide correct information regarding real client IP address using PROXY protocol. @@ -1180,7 +1180,7 @@ DOC_START SECURITY CONSIDERATIONS: - Any host for which we accept client IP details can place + Any host from which we accept client IP details can place incorrect information in the relevant header, and Squid will use the incorrect information as if it were the source address of the request. This may enable remote @@ -1236,7 +1236,7 @@ DOC_START SECURITY CONSIDERATIONS: - Any host for which we accept client IP details can place + Any host from which we accept client IP details can place incorrect information in the relevant header, and Squid will use the incorrect information as if it were the source address of the request. This may enable remote -- 2.47.3